/*
Copyright (c) 2008,2009, David Beck

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:

1. Redistributions of source code must retain the above copyright
   notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
   notice, this list of conditions and the following disclaimer in the
   documentation and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

#include "conn_priv.hh"
#include "secobj_priv.hh"
#include "ecdh_pkt.hh"
#include <string>
#include <stdio.h>

/**
  @file conn_priv.cc
  @brief implementation of conn_priv
*/

using rt0d4::sec::ecdh_pkt;

namespace rt0d4
{
  namespace rx
  {
    /*
     * most of the functionality is delegated to ecdh_pkt
     * configuration variables are stored in secobj_priv
     */

    /** @brief Private implementation of conn_priv */
    struct conn_priv::impl
    {
      /* variables */
      const secobj_priv & security_object_;
      bool is_authenticated_;
      void * conn_data_;
      ecdh_pkt ecdh_;

      /* initialization */
      impl(const secobj_priv & sepr) : 
          security_object_(sepr), is_authenticated_(false), conn_data_(0)
      { }

      /* interface */
      
      /* private data */
      void set_conn_data(void * dta)
      {
        conn_data_ = dta;
      }
      
      void * get_conn_data()
      {
        return conn_data_;
      }
      
      void set_authenticated(bool yesno)
      {
        is_authenticated_= yesno;
      }

      bool get_authenticated() const
      {
        return is_authenticated_;
      }

      bool create_challenge()
      {
        const char ** algs = security_object_.get_algorithms();
        if( !algs ) return false;

        if( !ecdh_.add_algorithms( algs ) ) return false;

        if( !ecdh_.add_keys_to_challenge(
            security_object_.get_eckey_strength_min(),
            security_object_.get_eckey_strength_max() ) ) return false;

        size_t cert_sz = 0;
        const unsigned char * cert = security_object_.get_own_cert(cert_sz);

        if( cert_sz > 0 && cert != NULL )
          if( !ecdh_.add_cert_to_challenge(cert,cert_sz) ) return false;

        return true;
      }

      const unsigned char * get_challenge(size_t & len)
      {
        unsigned char * ret = 0;
        if( !ecdh_.get_xdr_challenge(ret,len) ) return 0;
        return ret;
      }

      bool set_challenge(unsigned char * data, size_t len)
      {
        bool ret = ecdh_.set_xdr_challenge(data, len);
        // TODO : sanity checks ???
        return ret;
      }

      const unsigned char * get_response(size_t & len)
      {
        unsigned char * ret = 0;

        const char ** algs = security_object_.get_algorithms();
        if( !algs ) return 0;

        if( !ecdh_.add_algorithms( algs ) ) return 0;

        if( !ecdh_.add_key_to_response(
            security_object_.get_eckey_strength_min(),
            security_object_.get_eckey_strength_max() ) ) return 0;

        size_t cert_sz = 0;
        const unsigned char * cert = security_object_.get_own_cert(cert_sz);

        if( cert_sz > 0 && cert != NULL )
          if( !ecdh_.add_cert_to_response(cert,cert_sz) ) return 0;

        if( security_object_.get_own_login() && security_object_.get_own_pass() )
          if( !ecdh_.add_creds_to_response(
              security_object_.get_own_login(),
              security_object_.get_own_pass() ) ) return 0;

        if( !ecdh_.get_xdr_response(ret,len) ) return 0;

        return ret;
      }

      bool set_response(unsigned char * data, size_t len)
      {
        bool ret = ecdh_.set_xdr_response(data, len);
        // TODO : sanity checks ???
        return ret;
      }

      const unsigned char * get_session_key()
      {
        unsigned char * ret = ecdh_.get_session_key();
        if( !ret || !*ret ) return 0;
        return ret;
      }

      const unsigned char * get_peer_cert(size_t & len)
      {
        const unsigned char * ret = ecdh_.get_peer_cert(len);
        if( !ret || !len ) return 0;
        return ret;
      }

      const char * get_peer_login()
      {
        return ecdh_.get_peer_login();
      }

      const char * get_peer_password()
      {
        return ecdh_.get_peer_password();
      }
    };

    /* public interface */
    void
    conn_priv::set_conn_data(void * dta)
    {
      impl_->set_conn_data(dta);
    }
    
    void * 
    conn_priv::get_conn_data()
    {
      return impl_->get_conn_data();
    }
    
    const unsigned char *
    conn_priv::get_session_key()
    {
      return impl_->get_session_key();
    }

    void
    conn_priv::set_authenticated(bool yesno)
    {
      return impl_->set_authenticated( yesno );
    }

    bool
    conn_priv::get_authenticated() const
    {
      return impl_->get_authenticated();
    }

    bool
    conn_priv::create_challenge()
    {
      return impl_->create_challenge();
    }

    const unsigned char *
    conn_priv::get_challenge(size_t & len)
    {
      return impl_->get_challenge( len );
    }

    bool
    conn_priv::set_challenge(unsigned char * data, size_t len)
    {
      return impl_->set_challenge( data, len );
    }

    const unsigned char *
    conn_priv::get_response(size_t & len)
    {
      return impl_->get_response( len );
    }

    bool
    conn_priv::set_response(unsigned char * data, size_t len)
    {
      return impl_->set_response( data, len );
    }

    const unsigned char *
    conn_priv::get_peer_cert(size_t & len)
    {
      return impl_->get_peer_cert(len);
    }

    const char *
    conn_priv::get_peer_login()
    {
      return impl_->get_peer_login();
    }

    const char *
    conn_priv::get_peer_password()
    {
      return impl_->get_peer_password();
    }

    conn_priv::conn_priv(const secobj_priv & sepr)
      : impl_(new impl(sepr)),
        n_prepare_packet_ok_(0),
        n_send_packet_ok_(0),
        n_check_auth_ok_(0),
        n_create_challenge_ok_(0),
        n_get_challenge_ok_(0),
        n_get_response_ok_(0),
        n_check_response_ok_(0),
        n_check_packet_ok_(0),
        n_prepare_packet_err_(0),
        n_send_packet_err_(0),
        n_check_auth_err_(0),
        n_create_challenge_err_(0),
        n_get_challenge_err_(0),
        n_get_response_err_(0),
        n_check_response_err_(0),
        n_check_packet_err_(0)
        { }

    conn_priv::~conn_priv() {}

    /* private functions, copying and default construction is not allowed */
    conn_priv::conn_priv()
      : impl_((impl *)0) { throw std::string("should never be called"); }

    conn_priv::conn_priv(const conn_priv & other)
      : impl_((impl *)0) { throw std::string("should never be called"); }

    conn_priv &
    conn_priv::operator=(const conn_priv & other)
    {
      throw std::string("should never be called");
      return *this;
    }
  };
};

/* EOF */
